Xbox Live Bans User For Getting Hacked

After his Xbox Live account was stolen, Josh had to file a Better Business Bureau complaint in order to make MIcrosoft pay attention to him and restore his account access. After three months, he was delighted to log back in to his account, but surprised to learn that he had been banned for a “code of conduct violation.” What did his account do to get banned? It was trying to steal other accounts. Imagine that.

A friend recommended I share my terrible experience with my Xbox live account getting hacked as you’d written some about the recent rash of hackings and Microsoft’s lackluster response to the problem.

My account was stolen and migrated to Russia on October 25th, and 1200 points were spent. I reported it immediately to Microsoft, but nothing had happened for over 2 months. As such, in late December I filed a complaint with the Better Business Bureau, and finally got a call from an Exceptions Analyst with the Microsoft Corporate office in response to the complaint.

He got things moving and I got the e-mails confirming the investigation was over and I could recover my account in less than a week. At first I was thrilled that the process was over after 3 months of being locked out of my account. However, I then noticed another e-mail saying my account was permanently banned for a code of conduct violation. I got the run around over this past weekend with phone support and the Xbox Live Policy Enforcement Team’s Suspensions forum, and just had to file another unauthorized access claim to have them look into what the hacker had done to get my account banned.

I called up the Exceptions Analyst again on Monday when he was back in the office to get more info. He said the file indicated that the policy enforcement team had ruled that the violation happened before the account was reported as stolen, and thus banned it. The violation was using the account to try to steal other accounts! So obviously these hackers are stealing accounts and then using them to steal other accounts to cover their tracks. The analyst believes me and says that’s probably what happened and forwards the case back to the Policy Enforcement Team for review, though he warns me that he doesn’t have any direct contact or influence with them. A day later he calls me back and informs me that they ruled that the ban will stay in place. Since the hacker had my Windows Live ID and Password, they apparently have no way of knowing when my account was compromised before it was migrated to Russia on October 25th, and the violation that got the account banned happened before that.

So now my account is permanently banned, and I thus lose all my DLC and XBLA licenses, and can’t play my game saves online on other gamer tags and so on. All because of the Policy Enforcement Teams absurd zero tolerance tactics, and unwillingness to listen to reason. It’s not complicated to realize that when a stolen account was banned for trying to steal other accounts, it was the hacker doing it before the user realized the account was compromised and reported it to Customer Support. I’m a 33-year-old college professor, not a Russian hacker!

Anyway, at this point I don’t even want any compensation from Microsoft, and have in fact already traded in the 360 and switched to PS3 as I just can’t support Microsoft anymore after how I was treated after being a victim of a hacking. I’m simply hoping your site will publicize this experience so Microsoft gets some negative PR and has to change their practices. I don’t want other gamers to go through the same experience that happened to me.

Well, think of it this way. 24 hours from now, he’ll magically get an email from Microsoft saying that his account has been unbanned and Microsoft will send emails to any outlets which ran this story proclaiming that they’re always willing to help out the little guy who is just an innocent victim, but must take security breaches – no matter how small – very seriously. History speaks for itself…

He’ll be able to redownload everything on that shiny new XBox that Microsoft is sending him, so he’s not really out anything when all is said and done.

Sure it’s nice that this guy got his issue resolved and got a new XBox and some games for his trouble as well, but what about the folks who don’t take to the internet to complain? There are people out there in similar situations who will never get their cases resolved, and if anyone really thinks that Microsoft is going to actualy revise its policies to make sure shit like this doesn’t happen anymore in the future, you’re out of your tree. Those people will be fucked, and I can asure you that this will most undoubtedly happen again. And unless whomever it happens to takes to the internet, and the internet actually gives half a squirt of piss about it like they did this guy’s story, they’ll get away with it too.

Monumental douchebag is more like it. Just an analog of the dipsh1ts that declare how “disgusting” any fast-food place is in those articles and that they would never eat there, and ove the morons who show up on sports-related posts and burp up “I don’t watch sports so I don’t care.”

I hate to say this, but he might not have that much luck with Sony and the PS3. Of course I understand the change fully considering Microsoft should have helped him out with a new account and licenses.

You’re missing the more recent events that Kotaku reported on yesterday. In short, the hack originated from someone getting their hands on the guy’s older Xbox 360. From that unit, they were able to access his account.

He got banned for account hacking because MS investigated the claim that the hacking was done by someone other than the user and found that the hacking attempts originated from the console which was the primary user of his Xbox Live account and were done prior to the region migration done to move the XBL account to Russia. Putting two and two together, they figured that indicated that it was the regular user and not the hacker and banned the account.

MS eventually figured out that the Russian hacker had actually obtained the user’s original console and lifted the ban, and is sending him a new console to replace the one he got rid of.

Kotaku makes it sound like the resolution was fairly recent, and they got information on the resolution both from Microsoft in response to their request for comment from Microsoft on the story and from the original customer who had since heard back from MS.

So, it is a recent development, but it does sound like they might not have followed up with the customer prior to posting this story to find out about the recent development.

If by ‘jump through hoops’ you mean prove you’re the account owner and have the account back in your hands in less than 8 hours with nearly all items restored and the account unbanned. At least that’s been the case for the dozen or so people I know that have been hacked. It’s a cakewalk compared to some other MMOs.

Wife had her account stolen several months after we quit playing. She didn’t appreciate someone using her hard work for profit so she went about recovering the account. She did it all herself in a couple of days, and as she didn’t ask me to mail or fax anything, or help her at all, i must assume that it was terribly easy to recover. they even offered her a couple months of free game time to make up for it. She turned it down, as, like i said we quit playing quite some time ago.

Get the blizzard authenticator for smartphone or an authenticator key fob. I kind of wish Steam had something like that as well since I have hundreds of dollars of games I’ve bought on there over the last 10 years so a two step authentication would give some peace of mind. If I lost that Steam account….. yeah I’d freak out.

In the spirit of discussion, can you tell me how you spend your leisure time? For many, video games are one of several casual pursuits. People I know who game also read, make art, rock climb, participate in their kids’ sports, act, etc. Sometimes they sit on their asses, watch movies, television, or play games. At least in my circles, those of us who game do so to decompress from generally busy and full lives.

I generally try. The bait was too alluring this time. We all have down-time. So long as you’re not hurting others, I question why anyone cares how you spend it. You can do cross-dressed competitive eating while running a marathon for all I care.

I play games to prevent punching overbearing asshats (such as yourself) in the face. Sadly, I have to game more and more as time passes because the asshats (once again, such as yourself) are getting more and more bothersome. I fear the day that someone invents the ability to physically reach through the Internet and stab someone in the face for that will be my last day of freedom on this planet.

The story would have been better if you’d have posted his update as well, especially this part (emphasis is mine):

He explained the situation to me in detail. What had happened is that apparently my old XBOX 360, which had gotten the RROD on January 1st, 2011, ended up back in circulation somehow. I’d simply taken it to Best Buy for recycling when I bought my new Slim 360 because it was out of the 3-year warranty period.

The original story happened to a friend of mine, and started blowing up across the internet, once she got her issue fixed she decided to try to gather other people’s xbox stories of woe to see if they could help each other.

I sent it to Consumerist when it hit a lot of the gaming news sites, but they never posted it.

This happens quite often. The team that does the banning is separate from the customer service team and so they don’t know if an account is hacked or not. All the OP has to do is send a message to the Enforcement team, they will investigate his claim of being hacked, and if there’s enough evidence they would then unban him.